More on LinuxToday

"Vendors are playing catch-up this week - several major
things, even more minor things. Ncurses has some buffer
overflows that might allow an attacker to gain extra privileges, if
the program using it is setuid. Tmpwatch has a bug that allows
attackers to execute a denial of service, and in some cases
possibly get a root shell. Big Brother can be tricked into running
shell commands; cfengine has some problems in syslog calls that can
be used to run commands as the user cfengine runs as (usually
root); and Boa Web server has a file disclosure vulnerability."

"We lead off with general advisories and exploit code, then move
to vendor advisories. Most items appear in alphabetical order. If
we're missing a Linux vendor's advisory, please tell us - ditto for
any Linux-related security alerts. The long strings of hex in front
of package names are MD5 signatures."

Advertiser Disclosure:
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.